Symantec Backup Exec Scheduler ActiveX Control Multiple Stack Based Buffer Overflow Vulnerabilities

info
discussion
exploit
solution
references

Symantec Backup Exec Scheduler ActiveX Control Multiple Stack Based Buffer Overflow Vulnerabilities

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

UPDATE (May 8, 2008): The Symantec Threat Analysis Team has observed active exploits in the wild.

The following exploit is available:

/data/vulnerabilities/exploits/26904.html